Breach of security and privacy has become of great concern in all organizations. Health and medical institutions too have also fallen victim to this scandal. Ethical and professional codes of conduct especially in health and medical institutions demand privacy of the patients’ information. The information patient share with the doctors and physicians is private and must never be revealed to any part party. However, this is not the case today. Patients fear for the privacy and security of their personal information they choose entrust health personnel with. This infringes the patients of their right to privacy and security (Kelly, 2011). The data base of health institutions are targeted by data base hackers.
At Sutter Medical Foundation, personal information of more than four million patients was exposed after a desktop computer which acted as the information data base for the institution was stolen. Although the computer was password protected, the unencrypted machine contained all the private information about the patients. This incident happened when Sacramento, Calif.-based organization was implementing encryption at Sutter Medical Foundation. Unfortunately, the stolen desktop had not been encrypted (Kelly, 2011). The CEO and the president of the institution said "Sutter Health holds the confidentiality and trust of our patients in the highest regard, and we deeply regret that this incident has occurred. The Sutter Health Data Security Office was in the process of encrypting computers throughout our system when the theft occurred, and we have accelerated these efforts" (Caramenico, 2011; Kelly, 2011). Although the data kept by the medical center had no financial records of the patients, it had demographical statistics and personal information such as addresses and contacts.
The institution responded quickly by reporting the incident to the police. After conducting investigation on the matter, is was discovered that one of the staff colluded with the security installing personnel to steal the desktop. The institution acted quickly by terminating the employee awaiting further charges (Kelly, 2011). The culprits her handed heavy punishment as they were charged in court of law with threat and economic crimes. Their intension was to access patients’ personal and private information for selfish gains or crime (Caramenico, 2011). Increase in the incidents of exposure of personal and private information (especially in the health and medical institutions) places these institutions at a risk of losing potential customers for the fear of insecurity and breach of privacy rights. Hence, these institutions have to act faster to curb the crime and restore patients’ confidence in the ability of health institutions to protect their information privacy (Kelly, 2011).